The Importance of Hiring HIPAA Compliant Vendors

Any vendors with whom you share protected health information (PHI)–such as patients’ medical data, dates of birth, names, addresses, social security numbers, or financial information–are considered business associates under HIPAA regulation. A business associate is defined as any vendor who in any way handles PHI over the course of the work they’ve been hired to do. Some common examples include IT professionals, lawyers, accountants, or storage facilities, among many others.

When it comes to sharing PHI, behavioral health professionals need to ensure that their vendors are going to keep that data secure.

HIPAA Compliant Vendors for Telebehavioral Health

Telemental and telebehavioral health professionals, in particular, face this challenge with chat and video clients used over the course of telebehavioral health treatment. These service providers are considered HIPAA business associates because of their role in the direct transmission of PHI from the patient to the counselor or therapist.

Any chat or video clients used in the course of treatment must be HIPAA compliant, otherwise telebehavioral health professionals expose their practice to HIPAA violations.

In 2016, The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) levied millions in fines for the unlawful disclosure of PHI to business associates. The best way to protect your practice is to seek out vendors with HIPAA compliant services and execute a proper Business Associate Agreement before sharing PHI.

HIPAA Resources

Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard™. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance.

Compliancy Group’s team of expert Compliance Coaches™ field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including fully automated documentation of policies, procedures, employee training, and remediation plans. The Guard includes policies and procedures that are uniquely tailored to the needs of your organization so you’ll never have to worry about the headaches that come with generic policy binders again.

With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure.

For more information about what you can do to protect your behavioral health practice, see these upcoming HIPAA educational webinars.